Skip to content

Bump jetty.version from 12.1.7 to 12.1.8#335

Merged
garydgregory merged 1 commit intomasterfrom
dependabot/maven/jetty.version-12.1.8
Apr 17, 2026
Merged

Bump jetty.version from 12.1.7 to 12.1.8#335
garydgregory merged 1 commit intomasterfrom
dependabot/maven/jetty.version-12.1.8

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 17, 2026

Bumps jetty.version from 12.1.7 to 12.1.8.
Updates org.eclipse.jetty:jetty-client from 12.1.7 to 12.1.8

Updates org.eclipse.jetty:jetty-bom from 12.1.7 to 12.1.8

Release notes

Sourced from org.eclipse.jetty:jetty-bom's releases.

12.1.8

Special Thanks to the following Eclipse Jetty community members

Changelog

  • 14757 Fixes for JASPI isMandatory, authType and isAuthenticationRequest params - Addresses CVE-2026-5795
  • #14752 - Jetty 12.1 Violation of RFC9113 with Host and :authority headers
  • #14747 - Revert usage of SLF4J2 fluent APIs
  • #14732 - possible race condition in jetty 12.x code
  • #14694 - Sync jetty-ee11 with jetty-ee10
  • #14689 - ThreadIdPool.take() bottlenecks QueuedThreadPool.tryExecute()
  • #14687 - Destinations don't keep track of redirections.
  • #14685 - CachingHttpContentFactory#getContent may return null if httpContent size is not set
  • #14651 - Retain negative Max-Age cookie attribute
  • #14494 - Review use of CharsetStringBuilder subclasses
  • #14431 - ServletContainerInitializers are always excluded when used with absolute-ordering
  • #14332 - Complete mess with idleTimeout
  • #13685 - Infinite loop on Content.copy() with Content.Source.from(... , Path, ) when Path has size 0.
  • #13513 - Make MemoryEndPoint use RBB.DynamicCapacity (@​afarber)
  • #10906 - Add Slf4j ConsoleRequestLog (JettySlf4jRequestLog) module
Commits
  • c9cdc9a Updating to version 12.1.8
  • 1f4039c Fixes for JASPI isMandatory, authType and isAuthenticationRequest params (#14...
  • 0bc383d Issue #14431 - fixes for ServletContainerInitializer exclusion with absolute-...
  • 31824d4 Optimize ThreadIdPool (#14746)
  • fc10b2d Fixes #14651 - Retain negative Max-Age cookie attribute. (#14652)
  • 3c269e3 Merge pull request #14687 from jetty/fix/jetty-12.1.x/108-cache-permanent-red...
  • 5a63f39 Fixes#108 - Destinations don't keep track of redirections.
  • 74fde46 Fixes #14751 - jetty-bom is missing jetty-quic-quiche-server
  • 124558c Fixes #14752 - Jetty 12.1 Violation of RFC9113 with Host and :authority heade...
  • 8c218d9 [12.1.x Root pom] Bump com.google.protobuf:protobuf-java (#14796)
  • Additional commits viewable in compare view

Updates org.eclipse.jetty.ee11:jetty-ee11-servlet from 12.1.7 to 12.1.8

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump jetty.version from 12.1.7 to 12.1.8
1feebed 
Bumps `jetty.version` from 12.1.7 to 12.1.8.

Updates `org.eclipse.jetty:jetty-client` from 12.1.7 to 12.1.8

Updates `org.eclipse.jetty:jetty-bom` from 12.1.7 to 12.1.8
- [Release notes](https://github.com/jetty/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-12.1.7...jetty-12.1.8)

Updates `org.eclipse.jetty.ee11:jetty-ee11-servlet` from 12.1.7 to 12.1.8

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-client
  dependency-version: 12.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-bom
  dependency-version: 12.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty.ee11:jetty-ee11-servlet
  dependency-version: 12.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Apr 17, 2026
@garydgregory garydgregory merged commit 49123fc into master Apr 17, 2026
9 checks passed
@garydgregory garydgregory deleted the dependabot/maven/jetty.version-12.1.8 branch April 17, 2026 10:13
garydgregory added a commit that referenced this pull request Apr 17, 2026
@garydgregory
Bump jetty.version from 12.1.7 to 12.1.8 #335
ff6f2d8
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@garydgregory